A new wave of Cybercrime hits PayPal users. Fraudsters have developed a sophisticated phishing scam that exploits PayPal's "new address" function. This scam is so sophisticated that it can fool even experienced users.

The fraudsters send e-mails that look deceptively genuine. They inform you of a supposedly new address and an imminent delivery of an expensive product. The aim: to steal your personal data.

In this article, we explain how you can recognize these scams and protect yourself against them. We give you practical tips on how to keep your online transactions secure.

Important findings

  • Fraudsters use official PayPal e-mail addresses
  • Fake purchase confirmations for expensive products are smuggled in
  • A vulnerability in the address management system is exploited
  • Fraudsters offer "help" through remote access software
  • Warning signs are cryptic e-mail addresses in the salutation

What is phishing and how does it work?

Phishing is a form of identity theft that can damage our Privacy threatened. Fraudsters try to obtain sensitive information such as passwords or credit card details. The Safety awareness of the user is crucial.

Definition of phishing

Phishing refers to fraudulent attempts to steal personal data through fake messages. Attackers pretend to be trustworthy companies in order to trick victims into disclosing sensitive information.

Typical phishing methods

Fraudsters use various tactics to achieve their goals:

  • Sending fake payment requests
  • Exploiting e-mail distribution lists for mass mailings
  • Manipulation of the "Address 2" field in PayPal accounts
  • Use of official PayPal functions such as "Request money"

Why PayPal is a popular target

PayPal is an attractive target for phishing attacks due to its popularity and the way it handles financial data. Fraudsters exploit the trustworthiness of the brand to make their attacks appear credible.

Phishing tactics Description
Fake e-mails Use of service@paypal.com as the sender
High monetary claims Alleged orders for expensive electronic items
False advertisements Google ads posing as PayPal customer service
Misuse of PayPal functions Use of "no-code checkout" for fraudulent payment links

To protect yourself from phishing, it is important to check suspicious messages critically and never disclose sensitive data without verifying the authenticity of the request.

The new PayPal phishing wave in detail

The current wave of phishing against PayPal users reveals new, sophisticated methods. Fraudsters are using sophisticated techniques to obtain sensitive data. Spam e-mails are just the beginning of a complex scam.

Properties of the new mesh

The fraudsters often use impersonal salutations such as "Dear user" or false e-mail addresses. They threaten to block accounts and lure you in with alleged incoming payments. Particularly dangerous: a fake contact number for alleged fraud attempts.

This is what a phishing message looks like

Typical features are

  • Subject such as "You must confirm your details"
  • Request to harmful links to click
  • Spelling mistakes (e.g. "zugriff", "beschränkung")
  • Illogical sentences like "To your safety"

These messages often lead to fraudulent websites that look deceptively similar to genuine PayPal sites. The aim is to steal access data or financial information. If you are suspicious, you should forward the e-mail to phishing@paypal.com and delete it.

The role of the 'New address' function

PayPal's 'New Address' function plays a central role in this new form of online fraud. Cybercriminals are using this actually helpful function to carry out their phishing attacks and steal the Precautionary measures of the user.

Explanation of the 'New address' function

PayPal offers users the option of adding new addresses to their account. This function is normally intended to enable payments to different delivery addresses. After each address change, PayPal sends a confirmation email to the account holder.

Misuse for phishing attacks

Fraudsters exploit this function by adding a new address to their own PayPal account. This new address often contains a long, complex email address. PayPal then sends a genuine confirmation email to this address. Since the email comes from the official PayPal address "service@paypal.com", it bypasses common spam filters.

The cyber criminals automatically forward these emails to their own addresses. This gives them access to official PayPal messages, which they misuse for their phishing attacks. This method of Cybercrime is particularly dangerous, since it does not Precautionary measures of the user.

"The current phishing scam uses PayPal's change of address function to bypass server-side spam filters."

To protect yourself from this Online fraud it is important to check every e-mail critically - even if it appears to come from a trustworthy source.

Detection of suspicious e-mails

It's important in the digital world, Spam e-mails and harmful links to recognize. A sharpened Safety awareness helps to ward off phishing attempts.

Characteristics of phishing e-mails

Phishing e-mails often have characteristic features:

  • Missing personal salutation
  • Spelling mistakes and poor writing style
  • Threats and deadlines set
  • Request to enter personal data
  • Unsolicited e-mails in English

With the current PayPal scam, the unusual form of address is particularly noticeable. Instead of your name, it often contains a cryptic email address such as "Hello, SaleFinalized@infos-noreply.com".

Important safety information

To protect yourself against phishing, please note the following points:

  • Check the e-mail header with the sender's IP address
  • Be careful with e-mails in HTML format
  • Do not click on suspicious links
  • Do not disclose any personal data
  • Forward phishing emails to phishing@verbraucherzentrale.nrw

If you suspect phishing, you should act immediately. Block your online access, your account and your credit and debit cards. Keep the e-mail as evidence in case you have become a victim.

Protective measures against PayPal phishing

To protect your PayPal account from phishing attacks, there are some important Precautionary measures to note. The Safety awareness The user plays a decisive role in the Privacy.

Activate two-factor authentication

One of the most effective protective measures is to activate two-factor authentication. This additional layer of security makes it more difficult for fraudsters to access your account, even if they know your password.

  1. Log in to your PayPal account
  2. Go to the settings
  3. Select "Security
  4. Click on "Set up two-factor authentication"
  5. Follow the instructions for setting up

Report suspicious messages

Reporting suspicious messages is an important contribution to protecting the PayPal community. Forward suspicious emails to phishing@paypal.com. PayPal can react quickly and warn other users.

Suspicious features Correct action
Impersonal form of address Ignore and report
Urgency ("Act immediately!") Keep calm, contact PayPal directly
Suspicious links Do not click, check URL
Unsolicited attachments Do not open, report e-mail

Please note: Official PayPal e-mails come from service@paypal.com. Be wary of emails from similar-looking addresses. Your security awareness is the best protection against phishing attacks.

Procedure for suspicious activities

If you show signs of Online fraud or Cybercrime on your PayPal account, quick action is crucial. Here you can find out what precautions you should take and how you can get support.

Take immediate action

In the event of suspected phishing or unusual account activity:

  • Check your account directly on paypal.com, never via email links
  • Change your password immediately
  • Report suspicious emails to phishing@netzwelt.de
  • Do not install software on the instructions of alleged support staff

Support from PayPal customer service

The real PayPal customer service offers help with security problems. Please note:

Authentic PayPal support Fraudulent contact attempts
Does not contact you unsolicited Often calls "on the off chance"
Does not demand payments over the phone Urges immediate payments
Uses official contact channels Uses WhatsApp or dubious numbers

Stay vigilant and report suspicious activity immediately. In this way, you effectively protect yourself against cybercrime and contribute to the security of all PayPal users.

Security updates from PayPal

PayPal is constantly working to improve the Privacy and strengthen users' security awareness. At the beginning of March 2023, the company announced changes to its terms and conditions in response to new threats.

New security functions at a glance

PayPal is introducing new precautionary measures to combat phishing attacks. These include:

  • Increased verification of payments without PayPal registration
  • Improved detection of suspicious activity in "Family & Friends" transfers
  • Introduction of character limits in the additional address field

Frequent security questions from users

Many users ask themselves how they can best protect their account. Here are some important tips:

  • Check your account transactions regularly
  • Do not respond to urgent requests in e-mails
  • Do not call unknown numbers back
  • Use the option to block suspicious numbers

If you suspect fraud, you can contact the Federal Network Agency. It offers forms for complaints about unwanted calls to warn others about such scams.

The role of user education

Security awareness is the key to combating Online fraud. At a time when phishing attacks are becoming increasingly sophisticated, it is important that users are aware of the latest scams.

Importance of education on the Internet

Digital education plays a crucial role in protecting personal data. The more users know about security risks, the better they can protect themselves. PayPal and other platforms regularly offer training courses to raise security awareness.

Resources for the secure use of online payments

There are numerous resources that users can use for secure online banking:

  • PayPal's Security Center with up-to-date information on fraud scams
  • Consumer protection portals with tips on data protection and precautionary measures
  • Official bank websites with security information

An important precautionary measure is to report suspicious emails to phishing@paypal.com. In this way, users actively contribute to the protection of the community. Stay vigilant and continuously expand your knowledge of online security. Only together can we make the Internet safer.

Conclusion: How to stay protected

Online fraud and cybercrime are constantly evolving. Increased security awareness is therefore essential. The new PayPal phishing scam shows how cleverly fraudsters operate. They use the "friends and family" function to defraud unsuspecting users of their money.

Summary of the most important points

Fraudsters have already caused millions in losses. In the case of unauthorized direct debits, you have up to 8 weeks for a chargeback. With PayPal guest payments, up to 1500 euros can be transferred without identity verification. Criminals exploit these loopholes. Always use the "Send refund" function to correctly allocate transactions.

Call for vigilance and security

Stay alert for unexpected incoming payments. Carefully check every request for a refund. Activate two-factor authentication for your PayPal account. Act immediately if you suspect online fraud. Report suspicious activity to PayPal and your bank immediately. Only by paying more attention and acting quickly can we work together to curb cybercrime.

FAQ

What is phishing and why is PayPal a popular target?

Phishing is a form of identity theft in which criminals attempt to steal sensitive information such as passwords or credit card details. PayPal is a popular target because it is a widely used platform for online payments and provides access to financial data.

How does the new PayPal phishing scam work?

The new scam exploits PayPal's 'new address' function. Fraudsters send emails from real PayPal addresses and manipulate address information to send fake messages. These often contain a fake contact number and attempt to trick users into disclosing sensitive data.

How do I recognize suspicious emails?

Watch out for unusual salutations, cryptic e-mail addresses and urgent requests to enter data. Check links by moving the mouse over them without clicking. Be particularly careful with e-mails that purport to come from official PayPal addresses.

What are effective protective measures against PayPal phishing?

Activate two-factor authentication for your PayPal account. Report suspicious messages directly to PayPal. Always open PayPal by entering the URL directly into your browser, not via links in emails. Always keep your software and antivirus programs up to date.

What should I do if I notice suspicious activity on my PayPal account?

Check your account immediately on the official PayPal website. Change your password. Do not install any software on the instructions of supposed support staff. Contact the real PayPal customer service via the official website or app for support.

What new security features has PayPal introduced?

PayPal is continuously working on security improvements. Recent updates may include character restrictions in the address suffix field and improved detection mechanisms for suspicious activity. For the latest information, please visit the official PayPal security page.

How can I contribute to the fight against online fraud?

Stay informed about the latest scams. Report suspicious emails to phishing@paypal.com. Share your online safety knowledge with family and friends. Use the resources provided by PayPal and other trusted sources to use online payments safely.
DSB buchen
en_USEnglish